Analysis
- max time kernel: 137s
- max time network: 184s
- platform: android_x86
- resource: android-x86-arm-20240611.1-en
- resource tags: android arch:arm arch:x86 image:android-x86-arm-20240611.1-en locale:en-us os:android-9-x86 system
- submitted: 13-06-2024 23:55
Static task
- static1
Behavioral task
- behavioral1: Sample a733385af1440d1473f9d03674086400_JaffaCakes118.apk, Resource android-x86-arm-20240611.1-en
- behavioral2: Sample UPPayPluginEx.apk, Resource android-x86-arm-20240611.1-en
- behavioral3: Sample UPPayPluginEx.apk, Resource android-33-x64-arm64-20240611.1-en
General
- Target: a733385af1440d1473f9d03674086400_JaffaCakes118.apk
- Size: 20.5MB
- MD5: a733385af1440d1473f9d03674086400
- SHA1: a2dc5ca35bf16552a59aed20f365f95c80f46a25
- SHA256: be7bc26ee7c903c59ed98eb6e7f0becc24d7077fab41875a626ce334d8b0aaf1
- SHA512: 1262bf084d551f2cf1fc53db0ddaf23d1fbcfef44a8ce6ffddabfcd72e8291cf5fa4e15e2bd75a11b5789294e652735e5dcab8b3229a8ef81cf558642675e16f
- SSDEEP: 393216:VbeVdsxk/QRK/Aoro4IgJSOlEbeKEjut0lyIgpma2VHThZDCNc9f01sojmh:wVgk/AK/AIo4Dq5cutdz9IFNCWx01sou
Malware Config
Signatures
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes: com.ifreetalk.ftalk
    description: Framework service call
    ioc: android.app.IActivityManager.getRunningAppProcesses
    process: com.ifreetalk.ftalk
- Acquires the wake lock (1 IoCs)
  Processes: com.ifreetalk.ftalk
    description: Framework service call
    ioc: android.os.IPowerManager.acquireWakeLock
    process: com.ifreetalk.ftalk
- Queries information about active data network (1 TTPs, 1 IoCs)
  Processes: com.ifreetalk.ftalk
    description: Framework service call
    ioc: android.net.IConnectivityManager.getActiveNetworkInfo
    process: com.ifreetalk.ftalk
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: com.ifreetalk.ftalk
    description: Framework service call
    ioc: android.app.IActivityManager.registerReceiver
    process: com.ifreetalk.ftalk
- Checks CPU information (2 TTPs, 1 IoCs)
Processes
1. com.ifreetalk.ftalk
   - Queries information about running processes on the device
   - Acquires the wake lock
   - Queries information about active data network
   - Registers a broadcast receiver at runtime (usually for listening for system events)
   - Checks CPU information
2. /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
Network
MITRE ATT&CK Matrix
Downloads
- /data/data/com.ifreetalk.ftalk/databases/ftalk.db (Filesize: 4KB)
- /data/data/com.ifreetalk.ftalk/databases/ftalk.db-journal (Filesize: 512B)
- /data/data/com.ifreetalk.ftalk/databases/ftalk.db-shm (Filesize: 32KB)
- /data/data/com.ifreetalk.ftalk/databases/ftalk.db-wal (Filesize: 120KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION000/thumb.png (Filesize: 5KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION001/thumb.png (Filesize: 8KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION002/thumb.png (Filesize: 7KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION010/thumb.png (Filesize: 5KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION011/thumb.png (Filesize: 5KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION012/thumb.png (Filesize: 6KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION013/thumb.png (Filesize: 7KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION100/thumb.png (Filesize: 5KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION101/thumb.png (Filesize: 6KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION102/thumb.png (Filesize: 7KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION103/thumb.png (Filesize: 6KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION110/thumb.png (Filesize: 7KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION111/thumb.png (Filesize: 5KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION112/thumb.png (Filesize: 5KB)
- /storage/emulated/0/ifreetalk/download/action/ACTION113/thumb.png (Filesize: 5KB)
- /storage/emulated/0/ifreetalk/download/action/json/0000.json (Filesize: 1KB)
- /storage/emulated/0/ifreetalk/download/imgcache/journal.tmp (Filesize: 31B)